On Wed, Oct 11, 2000 at 12:51:34AM +0200, Michael Steiner wrote: > Hi to All! > > I block all traffic not realy needed by ipchains. > When fetching email from my isp I logged attempts by the isp-mailserver > with tcp to port 113. > > Can you tell me where to find information about port 113 usage? > (/etc/services I checked, but doesnt give me background information) > Should or shouldn't I block port 113 ?
113 is the port of the auth[entication] (or ident[ity]) service which will give out user information to anyone who asks. Some mail servers try a lookup, but they certainly don't require it to succeed. Same for some IRQ servers. Your options: 1) uninstall 'pidentd' (recommended) 2) block it, but then what's the point of having it installed? 3) restrict it to a few trusted sites using /etc/hosts.allow 4) replace it with something that gives out bogus information Gruesse in den 14. Christian
